94442a036e380330730ff30ae14c6851_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94442a036e380330730ff30ae14c6851_JaffaCakes118
Size

54KB
MD5

94442a036e380330730ff30ae14c6851
SHA1

c53ae51a576187d162264c7859e4162829df939a
SHA256

a6b781623e98e5af3c22b647dbbf2da911403d63347fc341a75f356ce2ca77ef
SHA512

c8f2b4e0424cb6a997054410a28f7ccbca0357fa015f1998ca783006a607f256d32acccf35945b8fab6e07f969b5ea5e579f30f1c200552b8b18280b8af2cdb3
SSDEEP

768:u1kXBrEiDu4jxAfSIYTdL3HZlhnfu21/O/0SOEeXCAiWhBz1tmnGfyHarOfOb2:7W4WYTdLLA21GDAC1YptmGf+qOfq2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94442a036e380330730ff30ae14c6851_JaffaCakes118

Files

94442a036e380330730ff30ae14c6851_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 44KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE